Is your server compromised right now? Do you have measures in place to check consistently?
If you are like most business owners, you can’t definitively answer these questions. Not knowing puts your business in serious jeopardy.
The truth is checking your server isn’t hard if you have the right service. I’ll detail out an easy to use and very affordable service later in this article. Before we dig into the solution, let’s learn more about how the process should work.
Running a vulnerability assessment is fundamental to security welfare of any business or company.
A vulnerability assessment needs to be scheduled at least monthly, if not more frequently.
Many business owners confuse a simple anti-virus check with a full vulnerability assessment.
An anti-virus check alone does not look at security as a whole. Server configuration, third party applications, network security and known exploits should also be considered. All these processes should form a full vulnerability assessment. This process often leads to people asking questions like “what is IT asset discovery” and the like, which can help systems remain more secure.
However, when it comes to individual users the real problem is ‘forgetting’ to stay current on OS and application updates…
Don’t Be An Easy Target
Hackers always grab the low hanging fruit. They want an easy target such as servers with outdated operating systems, plugins for WordPress that are not updated, or servers without firewall protection… all considered low-hanging fruit ripe for the picking.
It’s common sense really, why bother attacking a fortress when they can go after the straw hut?
Hosting your server behind a firewall is crucial in reducing the amount of hacking attempts you will receive.
Quite simply, adding a managed firewall to your server is crucial in reducing your vulnerability to attack.
Firewalls, on-site security, vulnerability assessments and more can add up very quickly. Thankfully, there is a solution that is very affordable that will reduce your risk greatly.
Most organizations will limit their checks to only a few times a year. Others will simply neglect a vulnerability assessment altogether.
As you now see, the more consistent you are with checking your server, the lower your chances of being the low-hanging fruit a hacker might pick.
Here are a few suggestions for you to consider if you are performing your own vulnerability assessments:
Basic Vulnerability Assessment Checklist
- Select an appropriate commercial or open source security scanning tool, depending on the application framework, that ensures maximum coverage.
- Check for the presence of injection flaws like SQL, JSON, XML, and LDAP injections. Test for cross-site scripting (XSS) through all input points for the application. Determine whether forms are submitted securely.
- Inspect for inadequate authentication methods, improper access control definitions, and broken login processes. Ensure passwords are secure and not easy to compromise.
- Review for secure session IDs/cookies.
- Ensure the network is secure and no other machines inside the network are compromised. If need be, opt for network security solutions available at Fusion Connect (https://www.fusionconnect.com/services/security) and its likes.
Of course, you can get more detailed than that… if you know what you are doing. Most business owners and IT managers simply do not have the time to allocate to consistent vulnerability scans.
Beyond vulnerability assessments, there are many other things you can add to boost your defense.
Location, Location, Location
You’ve heard that location matters in real estate… and it matters just as much with your server.
Many of these suggestions I’m about to make are expensive unless you are using the service I will reveal later in this article.
Most top-tier data centers include intrusion detecting systems, firewalls, two-factor authentications and content filtering. If you are hosting your server locally, you know how expensive these can be.
There are other advantages to hosting with a top-tier data center… such as reducing the amount of ‘traffic’ surrounding your equipment.
It is becoming more and more common for threats to be occurring at the physical local level. If you host servers in your office building and the room is not totally secure, you are opening your risk considerably to a local hack attempt.
Many businesses have found that their internal security is increasingly compromised through simple methods such as…
The true Trojan horse where an authorized user installs malicious software or enables a back door into the company’s network. It is thought that Sony Pictures was the victim of this Trojan horse tactic when they were hacked.
The data included personal information about Sony Pictures employees and their families, e-mails between employees, information about executive salaries at the company, copies of then-unreleased Sony films, and other information.
The perpetrators then employed a variant of the Shamoon wiper malware to erase Sony’s computer infrastructure.
To protect your business, location of physical equipment must be considered.
All of this can add up, but it doesn’t have to be expensive…
Here’s How To Protect Your Business
Earlier in this article I told you about an affordable solution that not only reduces your threat risk, but it also protects your data in the event you are compromised.
It’s the 5-in-1 Managed Services bundle from Superb Internet… and it includes vulnerability assessment, OS hardening and patches. In addition, you also get a managed firewall and managed backup.
The 5-in-1 Managed Services bundle is the ‘whole enchilada’ when it comes to protecting your business.
You get everything without the high cost of an IT expert who would charge thousands to configure and setup each of these for you. The good news is that you can get everything for one low monthly price.
Before we get into how affordable the 5-in-1 Managed Services bundle is, let’s go into detail about our topic today… vulnerability assessments.
The first step in reducing your risk is to close all the ‘holes’… and to do that, you need to know where the holes exist. Superb Internet starts with a powerful scanning tool…
How is a Vulnerability Assessment performed?
Superb’s Vulnerability Scanner is a powerful network security assessment tool for finding potential security risks and flaws either inherent to the operating system or created from misconfigurations.
Every dedicated and managed hosting customer gets one complimentary scan per month.
Superb’s security tool reports on thousands of updated vulnerabilities by performing a complete scan. After a scan is completed, a report is generated which lists possible vulnerabilities found on your server. The report ranks the vulnerabilities based on the security level of importance from “warning” to “high.” Vulnerability Scans are available on a subscription or on-demand basis.
After every successful scan, a report is automatically generated and delivered to your inbox.
Next, technicians perform OS hardening based on the results…
What is OS Hardening?
The purpose of OS Hardening is to minimize your server’s exposure to current and future threats by configuring the operating system to be optimally secure.
The OS Hardening service addresses security weaknesses in operating systems by installing the latest OS patches & updates, deactivating unnecessary programs, and following procedures and policies to reduce malicious attacks and system down time.
Once your server is online, patches and updates are made as needed moving forward…
Patches & Updates
The Superb Internet Professional Services Division will log into your server and apply any available updates on the 3rd Monday of every month. If necessary, they’ll also restart your server to complete the installation process.
This makes sure you are always up to date… always secure.
You can add the 5-in-1 Managed Services bundle to ANY existing Superb Internet Cloud or Dedicated Server.
And right now, if you add the 5-in-1 Manages Services plan, you’ll get R1Soft along with the following services and save a bundle of money at the same time:
1. Vulnerability Scanning
2. OS Hardening
3. Cisco Managed Firewall
4. Proactive Monitoring
You’ll get everything…
… hack prevention
… ransom protection
… data backup
… OS hardening and patch updates
… and a Cisco managed firewall
You get everything you need to SECURE YOUR BUSINESS and protect yourself for a price that’s so low, I don’t want to mention it here for our competition to see.
Login to your customer portal at https://mycp.superb.net/ or contact our sales team for a FREE Security and Data Protection Assessment by clicking the following link: https://www.superb.net/about/contact-us